
7991 matches found

CVE
added 2018/03/28 10:0 p.m. | 100 views

CVE-2018-0184

Cisco IOS XE Software CLI parser vulnerability (CVE-2018-0184) allows an authenticated, local attacker with Privilege EXEC (level 15) to bypass argument sanitization and gain access to the underlying Linux shell, executing commands with root privileges. Affected component: CLI parser; root shell ...

7.2 CVSS | 7 AI score | 0.00424 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Vulnrichment
added 2018/03/28 10:0 p.m. | 10 views

CVE-2018-0176

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected softwa...

7.8 AI score | 0.00503 EPSS
Exploits: 0 | References: 3
Cvelist
added 2018/03/28 10:0 p.m. | 40 views

CVE-2018-0185

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...

8.2 AI score | 0.006 EPSS
Exploits: 0 | References: 2
Cisco
added 2018/03/28 4:0 p.m. | 59 views

Cisco IOS XE Software CLI Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...

5.3 CVSS | 3.2 AI score
Exploits: 0 | References: 1
Cisco
added 2018/03/28 4:0 p.m. | 83 views

Cisco IOS XE Software User EXEC Mode Root Shell Access Vulnerabilities

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected softwa...

7.8 CVSS | 2.5 AI score
Exploits: 0 | References: 1
Cisco
added 2018/03/28 4:0 p.m. | 86 views

Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...

6.7 CVSS | 3.5 AI score | 0.00424 EPSS
Exploits: 0 | References: 1
Veracode
added 2018/03/28 2:22 a.m. | 11 views

Incorrect Access Controls

github.com/cloudfoundry/bosh-cli uses incorrect access controls. If a user has access to an instance, they can use the contents of the BOSH CLI configuration file to perform authenticated requests to BOSH...

8.8 CVSS | 8.4 AI score | 0.01003 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
NVD
added 2018/03/27 4:29 p.m. | 19 views

CVE-2018-1231

Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the BOSH CLI can access the BOSH CLI configuration file and use its contents to perform authenticated requests to BOSH...

8.8 CVSS | 8.6 AI score | 0.01003 EPSS
Exploits: 0 | References: 1
OSV
added 2018/03/27 4:29 p.m. | 14 views

CVE-2018-1231

Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the BOSH CLI can access the BOSH CLI configuration file and use its contents to perform authenticated requests to BOSH...

8.8 CVSS | 8.8 AI score | 0.01003 EPSS
Exploits: 0 | References: 1
Cvelist
added 2018/03/27 4:0 p.m. | 18 views

CVE-2018-1231

Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the BOSH CLI can access the BOSH CLI configuration file and use its contents to perform authenticated requests to BOSH...

8.6 AI score | 0.01003 EPSS
Exploits: 0 | References: 1
CVE
added 2018/03/27 4:0 p.m. | 37 views

CVE-2018-1231

CVE-2018-1231 affects Cloud Foundry BOSH CLI prior to v3.0.1. The issue is improper access control: a user with access to an instance can read the BOSH CLI configuration file and use its contents to perform authenticated requests to BOSH. Impact is described in sources as enabling authenticated a...

8.8 CVSS | 8.5 AI score | 0.01003 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Cloud Foundry
added 2018/03/26 12:0 a.m. | 35 views

CVE-2018-1231: BOSH CLI does not restrict access to configuration file | Cloud Foundry

Severity: Medium. Vendor: Cloud Foundry Foundation. Affected Cloud Foundry Products and Versions: You are using BOSH CLI version prior to v3.0.1. Description: Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the...

8.8 CVSS | 8.7 AI score | 0.01003 EPSS
Exploits: 0
Kitploit
added 2018/03/20 1:10 p.m. | 141 views

S3Scanner - Scan For Open S3 Buckets And Dump

A quick and dirty script to find unsecured S3 buckets and dump their contents. Using The tool has 2 parts: 1 - s3finder.py This script takes a list of domain names and checks if they're hosted on Amazon S3. Found S3 domains are output to file with their corresponding region in format...

7.1 AI score
Exploits: 0 | References: 1
Tenable Nessus
added 2018/03/20 12:0 a.m. | 27 views

EulerOS 2.0 SP2 : quagga (EulerOS-SA-2018-1065)

According to the versions of the quagga package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A double-free vulnerability was found in Quagga. A BGP peer could send a specially crafted UPDATE message which would cause allocated blocks of...

9.8 CVSS | 7.6 AI score | 0.39458 EPSS
Exploits: 0 | References: 3
n0where
added 2018/03/19 1:0 a.m. | 21 views

Fast CLI DNS Lookup Tool: ZDNS

ZDNS is a command-line utility that provides high-speed DNS lookups. For example, the following will perform MX lookups and a secondary A lookup for the IPs of MX servers for the domains in the Alexa Top Million: cat top-1m.csv | zdns MX --ipv4-lookup --alexa ZDNS is written in golang and is...

7.2 AI score
Exploits: 0 | References: 2
ripstech
added 2018/03/15 12:0 p.m. | 25 views

Integrate Security Checks with RIPS CLI

Getting started Installation The installation of rips-cli is described in detail in our documentation. You can download the PHAR build of our CLI tool into your bin directory and make it executable with the following commands: sudo wget...

7 AI score
Exploits: 0
Prion
added 2018/03/12 3:29 p.m. | 14 views

Default configuration

Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verifyssl flag for apipie-bindings that disable it by default. As a result the server certificates are not checked and connections are prone to man-in-the-middle attacks...

6.8 CVSS | 7.9 AI score | 0.00726 EPSS
Exploits: 0 | References: 4 | Affected Software: 3
NVD
added 2018/03/12 3:29 p.m. | 33 views

CVE-2017-2667

Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verifyssl flag for apipie-bindings that disable it by default. As a result the server certificates are not checked and connections are prone to man-in-the-middle attacks...

8.1 CVSS | 7.9 AI score | 0.00726 EPSS
Exploits: 0 | References: 4
OSV
added 2018/03/12 3:29 p.m. | 17 views

CVE-2017-2667

Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verifyssl flag for apipie-bindings that disable it by default. As a result the server certificates are not checked and connections are prone to man-in-the-middle attacks...

8.1 CVSS | 8.2 AI score
Exploits: 0 | References: 4
Cvelist
added 2018/03/12 3:0 p.m. | 32 views

CVE-2017-2667

Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verifyssl flag for apipie-bindings that disable it by default. As a result the server certificates are not checked and connections are prone to man-in-the-middle attacks...

7.9 AI score | 0.00726 EPSS
Exploits: 0 | References: 4